diff --git a/include/password-methods/class_passwordMethod.inc b/include/password-methods/class_passwordMethod.inc
index 841a0889bac38fb41c84385206147f558ea27b7e..954daa58b8893094a90b334f4098fa40c5b8609a 100755
--- a/include/password-methods/class_passwordMethod.inc
+++ b/include/password-methods/class_passwordMethod.inc
@@ -112,7 +112,7 @@ abstract class passwordMethod
$pwd = $attrs['userPassword'][0];
}
}
- return preg_match("/^[^\}]*+\}!/", $pwd);
+ return preg_match("/^[^\}]*+\}!/", (string) $pwd);
}
/*! \brief Locks an account by adding a '!' as prefix to the password hashes.
@@ -188,14 +188,14 @@ abstract class passwordMethod
if (empty($pwd)) {
$pwd = passwordMethodEmpty::LOCKVALUE;
} else {
- $pwd = preg_replace("/(^[^\}]+\})(.*$)/", "\\1!\\2", $pwd);
+ $pwd = preg_replace("/(^[^\}]+\})(.*$)/", "\\1!\\2", (string) $pwd);
}
} else {
/* Unlock entry */
if ($pwd == passwordMethodEmpty::LOCKVALUE) {
$pwd = '';
} else {
- $pwd = preg_replace("/(^[^\}]+\})!(.*$)/", "\\1\\2", $pwd);
+ $pwd = preg_replace("/(^[^\}]+\})!(.*$)/", "\\1\\2", (string) $pwd);
}
}
$modify['userPassword'] = $pwd;
@@ -338,7 +338,7 @@ abstract class passwordMethod
static function _extract_method ($password_hash): string
{
$hash = static::get_hash_name();
- if (preg_match("/^\{$hash\}/i", $password_hash)) {
+ if (preg_match("/^\{$hash\}/i", (string) $password_hash)) {
return $hash;
}
@@ -391,7 +391,7 @@ abstract class passwordMethod
global $config;
if ($config->get_cfg_value('strictPasswordRules') == 'TRUE') {
// Do we have UTF8 characters in the password?
- return ($password == utf8_decode($password));
+ return ($password == mb_convert_encoding((string) $password, 'ISO-8859-1'));
}
return TRUE;
diff --git a/include/password-methods/class_passwordMethodCrypt.inc b/include/password-methods/class_passwordMethodCrypt.inc
index 924e0c602ace46070e7292ca532399a58cc8b6b5..77a1995c95f059502ef18347f62454f5e0336dc6 100755
--- a/include/password-methods/class_passwordMethodCrypt.inc
+++ b/include/password-methods/class_passwordMethodCrypt.inc
@@ -148,11 +148,11 @@ class passwordMethodCrypt extends passwordMethod
*/
static function _extract_method ($password_hash): string
{
- if (!preg_match('/^{crypt}/i', $password_hash)) {
+ if (!preg_match('/^{crypt}/i', (string) $password_hash)) {
return "";
}
- $password_hash = preg_replace('/^{[^}]+}!?/', '', $password_hash);
+ $password_hash = preg_replace('/^{[^}]+}!?/', '', (string) $password_hash);
if (preg_match("/^[a-zA-Z0-9.\/][a-zA-Z0-9.\/]/", $password_hash)) {
return "crypt/standard-des";
diff --git a/include/password-methods/class_passwordMethodSasl.inc b/include/password-methods/class_passwordMethodSasl.inc
index ba7b9a2d5d47a37b69b37c1289401d3ad82518b1..c6889c024c79f2784dbff6caeba0a7a201005cd2 100755
--- a/include/password-methods/class_passwordMethodSasl.inc
+++ b/include/password-methods/class_passwordMethodSasl.inc
@@ -44,8 +44,8 @@ class passwordMethodSasl extends passwordMethod
function __construct ($dn = '', $userTab = NULL)
{
global $config;
- $this->realm = trim($config->get_cfg_value('saslRealm', ''));
- $this->exop = trim($config->get_cfg_value('saslExop', ''));
+ $this->realm = trim((string) $config->get_cfg_value('saslRealm', ''));
+ $this->exop = trim((string) $config->get_cfg_value('saslExop', ''));
if ($dn == '' || $dn == 'new') {
return;
diff --git a/include/password-methods/class_passwordMethodSmd5.inc b/include/password-methods/class_passwordMethodSmd5.inc
index b44b3ea142382abaa2672129fd380485cd4ab8cc..47e524a8b9d33b12d7dd6dca560270a414c3b341 100755
--- a/include/password-methods/class_passwordMethodSmd5.inc
+++ b/include/password-methods/class_passwordMethodSmd5.inc
@@ -65,7 +65,7 @@ class passwordMethodSmd5 extends passwordMethod
function checkPassword ($pwd, $hash): bool
{
- $hash = base64_decode(substr($hash, 6));
+ $hash = base64_decode(substr((string) $hash, 6));
$salt = substr($hash, 16);
$hash = substr($hash, 0, 16);
$nhash = pack('H*', md5($pwd . $salt));
diff --git a/include/password-methods/class_passwordMethodSsha.inc b/include/password-methods/class_passwordMethodSsha.inc
index 6cc0c01c85187eb21df73e239d74180acc3234e7..63f17b98ed85bf8a9a6f5f0a1fb4410dea65227b 100755
--- a/include/password-methods/class_passwordMethodSsha.inc
+++ b/include/password-methods/class_passwordMethodSsha.inc
@@ -73,7 +73,7 @@ class passwordMethodSsha extends passwordMethod
function checkPassword ($pwd, $hash): bool
{
- $hash = base64_decode(substr($hash, 6));
+ $hash = base64_decode(substr((string) $hash, 6));
$salt = substr($hash, 20);
$hash = substr($hash, 0, 20);
if (function_exists('sha1')) {
diff --git a/include/password-methods/class_passwordMethodSsha512.inc b/include/password-methods/class_passwordMethodSsha512.inc
index 5a52f7bf9886daa8e21d9643be973b3c4269aed9..5767aeb26002eed2ec581e01f275375cbd1555f5 100755
--- a/include/password-methods/class_passwordMethodSsha512.inc
+++ b/include/password-methods/class_passwordMethodSsha512.inc
@@ -70,7 +70,7 @@ class passwordMethodSsha512 extends passwordMethod
function checkPassword ($pwd, $hash): bool
{
- $hash = base64_decode(substr($hash, 9));
+ $hash = base64_decode(substr((string) $hash, 9));
$salt = substr($hash, 64);
$hash = substr($hash, 0, 64);
if (function_exists('hash')) {